DenyHosts policy
Dominick Grift
domg472 at gmail.com
Mon Dec 21 12:43:47 UTC 2009
On Mon, Dec 21, 2009 at 12:57:49PM +0100, Miroslav Grepl wrote:
> On 12/19/2009 10:51 AM, Dominick Grift wrote:
> >Attached is DenyHosts modules Based on the Fedora 12 DenyHosts package.
> >
> >Maintained here: git clone git://82.197.205.60/selinux-modules.git
> >
> >
> >
> >--
> >fedora-selinux-list mailing list
> >fedora-selinux-list at redhat.com
> >https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> From denyhosts.te:
>
> # /etc/hosts.deny
> files_rw_etc_files(denyhosts_t)
>
> Dominick,
> I believe we shouldn't add this permission to denyhosts.
>
> Dan,
> maybe other candidate for system_conf_t type as well as sysctl.conf.
Agreed. Same could be said for /var/log/secure being generic var_log_t?
>
> Regards,
> Miroslav
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20091221/a64a3194/attachment.sig>
More information about the fedora-selinux-list
mailing list